Open shuhaib-kk opened 4 months ago
@shuhaib-kk Hello, I am sorry you are having trouble. Could you please from an error output or error log? It is hard to say exactly what is happening without any error information. The second screenshot does indicate that the automated snapshots config was deleted out-of-band. Did you delete the s3_daily
config in Vault outside of terraform?
@fairclothjm Hi, the issue is even though am passing aws_secret_key_id argument using variable.
it is not getting configured on vault side. i also checked in state file where it is coming as
"aws_secret_access_key": "",
but am able to see aws_access_key_id in the state file.
so i just tried to recreate the config by deleting the config outside terraform and while recreating aws_secret_access_key
is not being shown as you can see in the above screenshot
Thanks @shuhaib-kk! It doesn't look like the vault_raft_snapshot_agent_config
will pickup any environment variables. Please make sure aws_secret_access_key
is set in the config.
@fairclothjm you mean configure out of terraform?
resource "vault_raft_snapshot_agent_config" "s3_backups" { name = "s3_daily" interval_seconds = 1800 # 30 mins retain = 7 path_prefix = "/tf-vault-backup/dev/" storage_type = "aws-s3" aws_s3_bucket = var.s3_backup_bucket aws_s3_region = var.s3_backup_bucket_region aws_access_key_id = var.aws_access_key_id aws_secret_access_key = var.aws_secret_access_key }
this my tf code and all variables are being picked up except aws_secret_access_key
@shuhaib-kk Thanks, can you confirm that var.aws_secret_access_key
is being populated with your variable as expected?
@fairclothjm no, var.aws_secret_access_key is not getting populated as expected and it is also not visible in state file. Where as access key is getting populated i even tried passing aws_secret_access_key during tf apply command
Terraform Core Version
1.0.11
Terraform Vault Provider Version
3.25.0
Vault Server Version
1.15
Affected Resource(s)
raft_snapshot_agent_config
Expected Behavior
aws_secret_access_key should be fetched
Actual Behavior
aws_secret_access_key is not being passed or fetched from vars.
![Uploading Screenshot 2024-03-11 at 1.00.22 PM.png…]()
Relevant Error/Panic Output Snippet
No response
Terraform Configuration Files
resource "vault_raft_snapshot_agent_config" "s3_backups" { name = "s3_daily" interval_seconds = 1800 # 30 mins retain = 7 path_prefix = "/tf-vault-backup/dev/" storage_type = "aws-s3" aws_s3_bucket = var.s3_backup_bucket aws_s3_region = var.s3_backup_bucket_region aws_access_key_id = var.aws_access_key_id aws_secret_access_key = var.aws_secret_access_key }
Steps to Reproduce
resource "vault_raft_snapshot_agent_config" "s3_backups" { name = "s3_daily" interval_seconds = 1800 # 30 mins retain = 7 path_prefix = "/tf-vault-backup/dev/" storage_type = "aws-s3" aws_s3_bucket = var.s3_backup_bucket aws_s3_region = var.s3_backup_bucket_region aws_access_key_id = var.aws_access_key_id aws_secret_access_key = var.aws_secret_access_key }
Debug Output
No response
Panic Output
No response
Important Factoids
No response
References
https://registry.terraform.io/providers/hashicorp/vault/latest/docs/resources/raft_snapshot_agent_config#aws_secret_access_key
Would you like to implement a fix?
None